CVE-2022-37306 — Vulnetix

CVE-2022-37306 PUBLISHED CVSS 6.099999904632568 MEDIUM

OX App Suite before 7.10.6-rev30 allows XSS via an upsell trigger.

EPSS 0.44% · 63.4th percentile

Risk Scores

CVSS 3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.44%

63.4th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
open-xchange	ox_app_suite	7.10.6, 7.10.6, 7.10.6

Exploit Intelligence

https://open-xchange.com (circl)
http://packetstormsecurity.com/files/171003/OX-App-Suite-Cross-Site-Scripting-Server-Side-Request-Forgery.html (vulncheck-nvd)

Timeline

Nov 1, 2022 CVE Published
Apr 16, 2023 EPSS Score
May 24, 2023 EPSS Score
Jun 30, 2023 EPSS Score
Aug 7, 2023 EPSS Score
Sep 13, 2023 EPSS Score
Oct 21, 2023 EPSS Score
Nov 28, 2023 EPSS Score
Jan 4, 2024 EPSS Score
Jan 22, 2024 CVE Updated
Feb 11, 2024 EPSS Score
Mar 19, 2024 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›